2 matches found
CVE-2019-11061 HG100 has a broken access control vulnerability in its Web API Server
A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://target/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 Confidentiality, Integrity...
CVE-2019-11061
CVE-2019-11061 concerns the ASUS HG100 SmartHome Gateway. A broken access control flaw in HG100 firmware versions up to 4.00.06 lets an attacker on the same LAN access http://[target]/smarthome/devicecontrol without authentication, enabling remote control of connected IoT devices. Publicly stated...